BitLocker encryption easily bypassed in 43 seconds using cheap Raspberry Pi Pico

The use of a TPM by BitLocker for security proves to be its downfall in this particular exploit.

BitLocker stands out as a widely accessible encryption solution today, integrated into Windows 10 Pro and Windows 11 Pro to safeguard data from unauthorized access. However, YouTuber stacksmashing recently demonstrated a significant vulnerability in BitLocker that allows its protections to be bypassed in under a minute using a low-cost Raspberry Pi Pico device. The exploit yields the encryption keys needed to unlock the protected data, and the entire process takes just 43 seconds.

The exploit capitalizes on a known flaw in systems that use a dedicated Trusted Platform Module (TPM). In certain setups, BitLocker relies on an external TPM to store vital information such as the Platform Configuration Registers and the Volume Master Key. During boot-up, the external TPM and the CPU communicate over the LPC bus without encryption, so the critical data flowing between them can be intercepted and the encryption keys stolen.

Stacksmashing’s demonstration involved testing the attack on an older laptop with BitLocker encryption, utilizing an accessible LPC bus connector adjacent to an M.2 port on the motherboard. While similar attacks can be attempted on newer motherboards employing external TPMs, they often require more effort to intercept bus traffic.

To read data from the connector, stacksmashing devised a simple Raspberry Pi Pico device capable of establishing contact with the unsecured connector’s metal pads. The programmed Pico extracts raw data from the TPM, providing access to the Volume Master Key stored on the module.

This revelation underscores the vulnerability of Windows BitLocker and external TPMs due to unencrypted data lanes between the TPM and CPU. However, the risk is primarily associated with discrete TPMs. Users with CPUs featuring built-in TPMs, such as modern Intel and AMD processors, are less susceptible as all TPM communication takes place internally within the CPU.
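To find machines that match the exposure described above, the following PowerShell check reports the TPM vendor and the BitLocker key protectors on the operating system volume. It is an added example, not code from the original article or from stacksmashing; the function name `Test-TpmBusExposure` is hypothetical, and the vendor-ID list is an assumed heuristic for telling CPU-integrated TPMs from discrete ones, so a flagged host still needs manual confirmation.

```powershell
#Requires -RunAsAdministrator
# Added example (not from the article): inventory check for the discrete-TPM case.
# Assumption: these TCG vendor IDs indicate a CPU/firmware-integrated TPM.
# Any other vendor is reported as "possibly discrete" and must be confirmed by hand.
$IntegratedVendors = @('INTC', 'AMD', 'MSFT', 'QCOM')

function Test-TpmBusExposure {
    [CmdletBinding()]
    param()

    $tpm = Get-Tpm
    if (-not $tpm.TpmPresent) {
        Write-Warning 'No TPM present; the bus-sniffing scenario does not apply.'
        return
    }

    # ManufacturerIdTxt can carry trailing spaces or NULs (for example "STM ").
    $vendor = ([string]$tpm.ManufacturerIdTxt) -replace '[\x00\s]', ''
    $possiblyDiscrete = $vendor -notin $IntegratedVendors

    # Only the OS volume is unsealed by the TPM during boot-up.
    $osVolumes = Get-BitLockerVolume |
        Where-Object { $_.VolumeType -eq 'OperatingSystem' }

    foreach ($vol in $osVolumes) {
        # foreach (not the pipeline) so an empty protector list yields no items.
        $types = @(foreach ($kp in $vol.KeyProtector) { [string]$kp.KeyProtectorType })

        # A "Tpm" protector means the TPM releases the key at boot with no user input.
        $tpmOnly = $types -contains 'Tpm'

        [pscustomobject]@{
            MountPoint       = $vol.MountPoint
            ProtectionStatus = $vol.ProtectionStatus
            TpmVendor        = $vendor
            PossiblyDiscrete = $possiblyDiscrete
            KeyProtectors    = $types -join ','
            ReviewNeeded     = ($possiblyDiscrete -and $tpmOnly -and
                                $vol.ProtectionStatus -eq 'On')
        }
    }
}

Test-TpmBusExposure | Format-Table -AutoSize
```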
